Blame - tests/suites/test_suite_rsa.function - mirror/mbed-tls

blob: 896eebbf98c2ba6eb8749464b19730a7780b1ae0 [file] [log] [blame]

Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	1	BEGIN_HEADER
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	2	#include <polarssl/config.h>
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	3	#include <polarssl/rsa.h>
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	4	#include <polarssl/md2.h>
				5	#include <polarssl/md4.h>
				6	#include <polarssl/md5.h>
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	7	#include <polarssl/sha1.h>
				8	#include <polarssl/sha2.h>
				9	#include <polarssl/sha4.h>
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	10	#include <polarssl/havege.h>
Paul Bakker	545570e	2010-07-18 09:00:25 +0000	[diff] [blame]	11
				12	static int myrand( void *rng_state )
				13	{
				14	if( rng_state != NULL )
				15	rng_state = NULL;
				16
				17	return( rand() );
				18	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	19	END_HEADER
				20
				21	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	22	rsa_pkcs1_sign:message_hex_string:padding_mode:digest:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:result_hex_str:result
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	23	{
				24	unsigned char message_str[1000];
				25	unsigned char hash_result[1000];
				26	unsigned char output[1000];
				27	unsigned char output_str[1000];
				28	rsa_context ctx;
				29	mpi P1, Q1, H, G;
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	30	int msg_len;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	31
				32	mpi_init( &P1, &Q1, &H, &G, NULL );
Paul Bakker	545570e	2010-07-18 09:00:25 +0000	[diff] [blame]	33	rsa_init( &ctx, {padding_mode}, 0, &myrand, NULL );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	34
				35	memset( message_str, 0x00, 1000 );
				36	memset( hash_result, 0x00, 1000 );
				37	memset( output, 0x00, 1000 );
				38	memset( output_str, 0x00, 1000 );
				39
				40	ctx.len = {mod} / 8;
				41	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				42	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				43	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				44	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				45
				46	TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
				47	TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
				48	TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
				49	TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
				50	TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
				51	TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
				52	TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
				53	TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
				54
				55	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				56
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	57	msg_len = unhexify( message_str, {message_hex_string} );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	58
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	59	switch( {digest} )
				60	{
				61	#ifdef POLARSSL_MD2_C
				62	case SIG_RSA_MD2:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	63	md2( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	64	break;
				65	#endif
				66	#ifdef POLARSSL_MD4_C
				67	case SIG_RSA_MD4:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	68	md4( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	69	break;
				70	#endif
				71	#ifdef POLARSSL_MD5_C
				72	case SIG_RSA_MD5:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	73	md5( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	74	break;
				75	#endif
				76	#ifdef POLARSSL_SHA1_C
				77	case SIG_RSA_SHA1:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	78	sha1( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	79	break;
				80	#endif
				81	#ifdef POLARSSL_SHA2_C
				82	case SIG_RSA_SHA224:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	83	sha2( message_str, msg_len, hash_result, 1 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	84	break;
				85	case SIG_RSA_SHA256:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	86	sha2( message_str, msg_len, hash_result, 0 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	87	break;
				88	#endif
				89	#ifdef POLARSSL_SHA4_C
				90	case SIG_RSA_SHA384:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	91	sha4( message_str, msg_len, hash_result, 1 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	92	break;
				93	case SIG_RSA_SHA512:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	94	sha4( message_str, msg_len, hash_result, 0 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	95	break;
				96	#endif
				97	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	98
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	99	TEST_ASSERT( rsa_pkcs1_sign( &ctx, RSA_PRIVATE, {digest}, 0, hash_result, output ) == {result} );
				100	if( {result} == 0 )
				101	{
				102	hexify( output_str, output, ctx.len );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	103
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	104	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				105	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	106	}
				107	END_CASE
				108
				109	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	110	rsa_pkcs1_verify:message_hex_string:padding_mode:digest:mod:radix_N:input_N:radix_E:input_E:result_hex_str:result
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	111	{
				112	unsigned char message_str[1000];
				113	unsigned char hash_result[1000];
				114	unsigned char result_str[1000];
				115	rsa_context ctx;
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	116	int msg_len;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	117
Paul Bakker	545570e	2010-07-18 09:00:25 +0000	[diff] [blame]	118	rsa_init( &ctx, {padding_mode}, 0, &myrand, NULL );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	119	memset( message_str, 0x00, 1000 );
				120	memset( hash_result, 0x00, 1000 );
				121	memset( result_str, 0x00, 1000 );
				122
				123	ctx.len = {mod} / 8;
				124	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				125	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				126
				127	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				128
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	129	msg_len = unhexify( message_str, {message_hex_string} );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	130	unhexify( result_str, {result_hex_str} );
				131
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	132	switch( {digest} )
				133	{
				134	#ifdef POLARSSL_MD2_C
				135	case SIG_RSA_MD2:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	136	md2( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	137	break;
				138	#endif
				139	#ifdef POLARSSL_MD4_C
				140	case SIG_RSA_MD4:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	141	md4( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	142	break;
				143	#endif
				144	#ifdef POLARSSL_MD5_C
				145	case SIG_RSA_MD5:
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	146	md5( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	147	break;
				148	#endif
				149	#ifdef POLARSSL_SHA1_C
				150	case SIG_RSA_SHA1:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	151	sha1( message_str, msg_len, hash_result );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	152	break;
				153	#endif
				154	#ifdef POLARSSL_SHA2_C
				155	case SIG_RSA_SHA224:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	156	sha2( message_str, msg_len, hash_result, 1 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	157	break;
				158	case SIG_RSA_SHA256:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	159	sha2( message_str, msg_len, hash_result, 0 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	160	break;
				161	#endif
				162	#ifdef POLARSSL_SHA4_C
				163	case SIG_RSA_SHA384:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	164	sha4( message_str, msg_len, hash_result, 1 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	165	break;
				166	case SIG_RSA_SHA512:
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	167	sha4( message_str, msg_len, hash_result, 0 );
Paul Bakker	76791f7	2009-10-03 20:02:00 +0000	[diff] [blame]	168	break;
				169	#endif
				170	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	171
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	172	TEST_ASSERT( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, {digest}, 0, hash_result, result_str ) == {result} );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	173	}
				174	END_CASE
				175
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	176
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	177	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	178	rsa_pkcs1_sign_raw:message_hex_string:hash_result_string:padding_mode:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:result_hex_str
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	179	{
				180	unsigned char message_str[1000];
				181	unsigned char hash_result[1000];
				182	unsigned char output[1000];
				183	unsigned char output_str[1000];
				184	rsa_context ctx;
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	185	mpi P1, Q1, H, G;
				186	int msg_len, hash_len;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	187
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	188	mpi_init( &P1, &Q1, &H, &G, NULL );
Paul Bakker	545570e	2010-07-18 09:00:25 +0000	[diff] [blame]	189	rsa_init( &ctx, {padding_mode}, 0, &myrand, NULL );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	190
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	191	memset( message_str, 0x00, 1000 );
				192	memset( hash_result, 0x00, 1000 );
				193	memset( output, 0x00, 1000 );
				194	memset( output_str, 0x00, 1000 );
				195
				196	ctx.len = {mod} / 8;
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	197	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				198	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				199	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				200	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				201
				202	TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
				203	TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
				204	TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
				205	TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
				206	TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
				207	TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
				208	TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
				209	TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
				210
				211	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				212
				213	msg_len = unhexify( message_str, {message_hex_string} );
				214	hash_len = unhexify( hash_result, {hash_result_string} );
				215
Paul Bakker	fc22c44	2009-07-19 20:36:27 +0000	[diff] [blame]	216	TEST_ASSERT( rsa_pkcs1_sign( &ctx, RSA_PRIVATE, SIG_RSA_RAW, hash_len, hash_result, output ) == 0 );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	217
				218	hexify( output_str, output, ctx.len );
				219
				220	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				221	}
				222	END_CASE
				223
				224	BEGIN_CASE
				225	rsa_pkcs1_verify_raw:message_hex_string:hash_result_string:padding_mode:mod:radix_N:input_N:radix_E:input_E:result_hex_str:correct
				226	{
				227	unsigned char message_str[1000];
				228	unsigned char hash_result[1000];
				229	unsigned char result_str[1000];
				230	rsa_context ctx;
				231	int msg_len, hash_len;
				232
Paul Bakker	545570e	2010-07-18 09:00:25 +0000	[diff] [blame]	233	rsa_init( &ctx, {padding_mode}, 0, &myrand, NULL );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	234	memset( message_str, 0x00, 1000 );
				235	memset( hash_result, 0x00, 1000 );
				236	memset( result_str, 0x00, 1000 );
				237
				238	ctx.len = {mod} / 8;
				239	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				240	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				241
				242	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				243
				244	msg_len = unhexify( message_str, {message_hex_string} );
				245	hash_len = unhexify( hash_result, {hash_result_string} );
				246	unhexify( result_str, {result_hex_str} );
				247
Paul Bakker	fc22c44	2009-07-19 20:36:27 +0000	[diff] [blame]	248	TEST_ASSERT( rsa_pkcs1_verify( &ctx, RSA_PUBLIC, SIG_RSA_RAW, hash_len, hash_result, result_str ) == {correct} );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	249	}
				250	END_CASE
				251
				252	BEGIN_CASE
				253	rsa_pkcs1_encrypt:message_hex_string:padding_mode:mod:radix_N:input_N:radix_E:input_E:result_hex_str:result
				254	{
				255	unsigned char message_str[1000];
				256	unsigned char output[1000];
				257	unsigned char output_str[1000];
				258	rsa_context ctx;
				259	int msg_len;
				260
Paul Bakker	545570e	2010-07-18 09:00:25 +0000	[diff] [blame]	261	rsa_init( &ctx, {padding_mode}, 0, &myrand, NULL );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	262	memset( message_str, 0x00, 1000 );
				263	memset( output, 0x00, 1000 );
				264	memset( output_str, 0x00, 1000 );
				265
				266	ctx.len = {mod} / 8;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	267	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				268	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				269
				270	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				271
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	272	msg_len = unhexify( message_str, {message_hex_string} );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	273
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	274	TEST_ASSERT( rsa_pkcs1_encrypt( &ctx, RSA_PUBLIC, msg_len, message_str, output ) == {result} );
				275	if( {result} == 0 )
				276	{
				277	hexify( output_str, output, ctx.len );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	278
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	279	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				280	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	281	}
				282	END_CASE
				283
				284	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	285	rsa_pkcs1_decrypt:message_hex_string:padding_mode:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:max_output:result_hex_str:result
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	286	{
				287	unsigned char message_str[1000];
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	288	unsigned char output[1000];
				289	unsigned char output_str[1000];
				290	rsa_context ctx;
				291	mpi P1, Q1, H, G;
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	292	int output_len;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	293
				294	mpi_init( &P1, &Q1, &H, &G, NULL );
Paul Bakker	545570e	2010-07-18 09:00:25 +0000	[diff] [blame]	295	rsa_init( &ctx, {padding_mode}, 0, &myrand, NULL );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	296
				297	memset( message_str, 0x00, 1000 );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	298	memset( output, 0x00, 1000 );
				299	memset( output_str, 0x00, 1000 );
				300
				301	ctx.len = {mod} / 8;
				302	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				303	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				304	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				305	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				306
				307	TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
				308	TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
				309	TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
				310	TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
				311	TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
				312	TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
				313	TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
				314	TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
				315
				316	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				317
				318	unhexify( message_str, {message_hex_string} );
Paul Bakker	69998dd	2009-07-11 19:15:20 +0000	[diff] [blame]	319	output_len = 0;
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	320
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	321	TEST_ASSERT( rsa_pkcs1_decrypt( &ctx, RSA_PRIVATE, &output_len, message_str, output, {max_output} ) == {result} );
				322	if( {result} == 0 )
				323	{
				324	hexify( output_str, output, ctx.len );
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	325
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	326	TEST_ASSERT( strncasecmp( (char *) output_str, {result_hex_str}, strlen( {result_hex_str} ) ) == 0 );
				327	}
				328	}
				329	END_CASE
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	330
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	331	BEGIN_CASE
				332	rsa_public:message_hex_string:mod:radix_N:input_N:radix_E:input_E:result_hex_str:result
				333	{
				334	unsigned char message_str[1000];
				335	unsigned char output[1000];
				336	unsigned char output_str[1000];
				337	rsa_context ctx;
				338
Paul Bakker	545570e	2010-07-18 09:00:25 +0000	[diff] [blame]	339	rsa_init( &ctx, RSA_PKCS_V15, 0, &myrand, NULL );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	340	memset( message_str, 0x00, 1000 );
				341	memset( output, 0x00, 1000 );
				342	memset( output_str, 0x00, 1000 );
				343
				344	ctx.len = {mod} / 8;
				345	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				346	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				347
				348	TEST_ASSERT( rsa_check_pubkey( &ctx ) == 0 );
				349
				350	unhexify( message_str, {message_hex_string} );
				351
				352	TEST_ASSERT( rsa_public( &ctx, message_str, output ) == {result} );
				353	if( {result} == 0 )
				354	{
				355	hexify( output_str, output, ctx.len );
				356
				357	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				358	}
				359	}
				360	END_CASE
				361
				362	BEGIN_CASE
				363	rsa_private:message_hex_string:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:result_hex_str:result
				364	{
				365	unsigned char message_str[1000];
				366	unsigned char output[1000];
				367	unsigned char output_str[1000];
				368	rsa_context ctx;
				369	mpi P1, Q1, H, G;
				370
				371	mpi_init( &P1, &Q1, &H, &G, NULL );
Paul Bakker	545570e	2010-07-18 09:00:25 +0000	[diff] [blame]	372	rsa_init( &ctx, RSA_PKCS_V15, 0, &myrand, NULL );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	373
				374	memset( message_str, 0x00, 1000 );
				375	memset( output, 0x00, 1000 );
				376	memset( output_str, 0x00, 1000 );
				377
				378	ctx.len = {mod} / 8;
				379	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				380	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				381	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				382	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				383
				384	TEST_ASSERT( mpi_sub_int( &P1, &ctx.P, 1 ) == 0 );
				385	TEST_ASSERT( mpi_sub_int( &Q1, &ctx.Q, 1 ) == 0 );
				386	TEST_ASSERT( mpi_mul_mpi( &H, &P1, &Q1 ) == 0 );
				387	TEST_ASSERT( mpi_gcd( &G, &ctx.E, &H ) == 0 );
				388	TEST_ASSERT( mpi_inv_mod( &ctx.D , &ctx.E, &H ) == 0 );
				389	TEST_ASSERT( mpi_mod_mpi( &ctx.DP, &ctx.D, &P1 ) == 0 );
				390	TEST_ASSERT( mpi_mod_mpi( &ctx.DQ, &ctx.D, &Q1 ) == 0 );
				391	TEST_ASSERT( mpi_inv_mod( &ctx.QP, &ctx.Q, &ctx.P ) == 0 );
				392
				393	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				394
				395	unhexify( message_str, {message_hex_string} );
				396
				397	TEST_ASSERT( rsa_private( &ctx, message_str, output ) == {result} );
				398	if( {result} == 0 )
				399	{
				400	hexify( output_str, output, ctx.len );
				401
				402	TEST_ASSERT( strcasecmp( (char *) output_str, {result_hex_str} ) == 0 );
				403	}
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	404	}
				405	END_CASE
				406
				407	BEGIN_CASE
Paul Bakker	37940d9f	2009-07-10 22:38:58 +0000	[diff] [blame]	408	rsa_check_privkey_null:
				409	{
				410	rsa_context ctx;
				411	memset( &ctx, 0x00, sizeof( rsa_context ) );
				412
				413	TEST_ASSERT( rsa_check_privkey( &ctx ) == POLARSSL_ERR_RSA_KEY_CHECK_FAILED );
				414	}
				415	END_CASE
				416
				417	BEGIN_CASE
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	418	rsa_check_pubkey:radix_N:input_N:radix_E:input_E:result
				419	{
				420	rsa_context ctx;
				421
Paul Bakker	545570e	2010-07-18 09:00:25 +0000	[diff] [blame]	422	rsa_init( &ctx, RSA_PKCS_V15, 0, &myrand, NULL );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	423
				424	if( strlen( {input_N} ) )
				425	{
				426	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				427	}
				428	if( strlen( {input_E} ) )
				429	{
				430	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				431	}
				432
				433	TEST_ASSERT( rsa_check_pubkey( &ctx ) == {result} );
				434	}
				435	END_CASE
				436
				437	BEGIN_CASE
				438	rsa_check_privkey:mod:radix_P:input_P:radix_Q:input_Q:radix_N:input_N:radix_E:input_E:radix_D:input_D:result
				439	{
				440	rsa_context ctx;
				441
Paul Bakker	545570e	2010-07-18 09:00:25 +0000	[diff] [blame]	442	rsa_init( &ctx, RSA_PKCS_V15, 0, &myrand, NULL );
Paul Bakker	821fb08	2009-07-12 13:26:42 +0000	[diff] [blame]	443
				444	ctx.len = {mod} / 8;
				445	if( strlen( {input_P} ) )
				446	{
				447	TEST_ASSERT( mpi_read_string( &ctx.P, {radix_P}, {input_P} ) == 0 );
				448	}
				449	if( strlen( {input_Q} ) )
				450	{
				451	TEST_ASSERT( mpi_read_string( &ctx.Q, {radix_Q}, {input_Q} ) == 0 );
				452	}
				453	if( strlen( {input_N} ) )
				454	{
				455	TEST_ASSERT( mpi_read_string( &ctx.N, {radix_N}, {input_N} ) == 0 );
				456	}
				457	if( strlen( {input_E} ) )
				458	{
				459	TEST_ASSERT( mpi_read_string( &ctx.E, {radix_E}, {input_E} ) == 0 );
				460	}
				461	if( strlen( {input_D} ) )
				462	{
				463	TEST_ASSERT( mpi_read_string( &ctx.D, {radix_D}, {input_D} ) == 0 );
				464	}
				465
				466	TEST_ASSERT( rsa_check_privkey( &ctx ) == {result} );
				467	}
				468	END_CASE
				469
				470	BEGIN_CASE
				471	rsa_gen_key:nrbits:exponent:result
				472	{
				473	rsa_context ctx;
				474	havege_state hs;
				475
				476	havege_init( &hs );
				477	rsa_init( &ctx, 0, 0, havege_rand, &hs );
				478
				479	TEST_ASSERT( rsa_gen_key( &ctx, {nrbits}, {exponent} ) == {result} );
				480	if( {result} == 0 )
				481	{
				482	TEST_ASSERT( rsa_check_privkey( &ctx ) == 0 );
				483	}
				484	}
				485	END_CASE
				486
				487	BEGIN_CASE
Paul Bakker	42a29bf	2009-07-07 20:18:41 +0000	[diff] [blame]	488	rsa_selftest:
				489	{
				490	TEST_ASSERT( rsa_self_test( 0 ) == 0 );
				491	}
				492	END_CASE